Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/a1tDN4qKW-4nVLlYRQrU5ET5e9g.roa
File: a1tDN4qKW-4nVLlYRQrU5ET5e9g.roa (raw, json)
Hash identifier: OvHMLizH0NvwE8TFfGnPDQebvMjClg+2fqe/cjHoDVE=
Subject key identifier: 6B:5B:43:37:8A:8A:5B:EE:27:54:B9:58:45:0A:D4:E4:44:F9:7B:D8
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195E5E820ADFE708B6D9956D7A00297C712
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/a1tDN4qKW-4nVLlYRQrU5ET5e9g.roa
Signing time: Sun 30 Mar 2025 07:15:49 +0000
ROA not before: Sun 30 Mar 2025 07:15:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e5:e8:20:ad:fe:70:8b:6d:99:56:d7:a0:02:97:c7:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 30 07:15:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b5b43378a8a5bee2754b958450ad4e444f97bd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:4a:7c:f4:b7:29:e9:7f:47:8c:f9:ce:d8:88:
c7:20:77:7c:e8:5d:f0:c9:39:63:0d:6d:e3:a4:3b:
be:79:33:d9:4e:be:06:13:d4:71:00:e9:4b:ee:e4:
0b:c1:c8:d5:61:90:74:df:ff:bf:80:38:bd:ff:f0:
df:8a:9a:4d:d4:b3:72:01:68:15:24:ea:5c:df:3e:
34:c5:d2:3e:f8:94:f0:36:65:8b:d6:47:d7:43:25:
dc:8d:76:d1:df:79:ac:6e:79:f2:a7:11:68:40:3c:
a5:3a:11:98:1c:37:32:56:c8:5b:60:87:aa:eb:01:
e9:f4:4a:d5:b6:97:ef:0c:28:57:a5:90:d0:4d:73:
20:a4:36:ac:ad:a2:bf:bb:fb:ae:8d:d8:4d:0c:73:
d3:cb:4f:1e:e7:9b:53:bd:ec:d1:c7:4f:0f:ac:5b:
5a:7a:30:bb:a2:f3:31:6f:f7:fb:72:7c:68:4c:a7:
ea:08:14:35:64:9e:7a:75:fb:2d:cd:7b:f2:aa:b9:
ef:d7:6f:47:6f:41:7c:62:84:45:e6:fd:58:71:f7:
ab:67:85:f8:0b:1f:33:ad:95:25:4c:8b:18:46:65:
62:59:5d:ed:60:80:35:62:95:16:87:85:9b:19:ad:
84:6d:7b:5b:a6:75:c0:2e:fd:f3:a2:86:44:8d:b7:
81:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:5B:43:37:8A:8A:5B:EE:27:54:B9:58:45:0A:D4:E4:44:F9:7B:D8
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/a1tDN4qKW-4nVLlYRQrU5ET5e9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
80:99:d9:bb:8f:a9:df:ea:15:b3:36:58:f9:49:7a:87:ed:c0:
12:ff:64:62:94:ae:a3:b9:ed:4b:c8:ab:ae:37:32:20:f1:95:
58:7c:f6:e7:e9:84:79:9a:d1:2a:b8:d1:3b:53:84:b4:91:d1:
2b:fb:aa:a3:42:ed:8e:04:92:4a:fb:0c:32:e8:88:d0:6f:95:
95:44:cf:c9:94:ce:7b:c3:60:f7:38:b9:06:37:68:3a:35:53:
cd:8c:4a:68:7d:ad:c4:2c:1d:52:60:fe:59:62:e8:8d:a3:fb:
b6:52:f2:32:6a:f7:2b:af:bf:da:3f:d8:f7:50:a8:bc:7c:74:
dc:21:b6:a3:c9:49:03:e0:19:4b:ad:3c:45:79:6c:98:e6:43:
25:4c:7b:81:38:b2:04:ea:32:29:96:36:44:25:34:1c:0a:c7:
3d:55:c9:d9:fb:26:80:9f:ce:80:9b:fc:70:56:06:e3:1a:01:
39:fa:d5:db:1e:a9:f3:40:96:cd:e6:5a:31:e4:06:c9:31:db:
ba:a1:ee:d1:ba:28:a5:e8:e7:f1:96:2b:9f:57:5d:7e:6b:d6:
6b:f7:b0:ee:28:ed:66:58:c0:1e:88:e8:c6:79:ff:74:18:91:
8f:a4:27:f7:fa:9b:76:bc:1f:23:75:77:f5:84:7f:d6:3b:ed:
c7:8e:bd:62
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXl6CCt/nCLbZlW16ACl8cSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzMwMDcxNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjViNDMzNzhhOGE1YmVlMjc1NGI5NTg0NTBhZDRlNDQ0Zjk3YmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEp89Lcp6X9HjPnO2IjHIHd86F3w
yTljDW3jpDu+eTPZTr4GE9RxAOlL7uQLwcjVYZB03/+/gDi9//DfippN1LNyAWgV
JOpc3z40xdI++JTwNmWL1kfXQyXcjXbR33msbnnypxFoQDylOhGYHDcyVshbYIeq
6wHp9ErVtpfvDChXpZDQTXMgpDasraK/u/uujdhNDHPTy08e55tTvezRx08PrFta
ejC7ovMxb/f7cnxoTKfqCBQ1ZJ56dfstzXvyqrnv129Hb0F8YoRF5v1YcferZ4X4
Cx8zrZUlTIsYRmViWV3tYIA1YpUWh4WbGa2EbXtbpnXALv3zooZEjbeB4wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGtbQzeKilvuJ1S5WEUK1ORE+XvYMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvYTF0RE40cUtXLTRuVkxsWVJRclU1RVQ1ZTlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAgJnZu4+p3+oVszZY+Ul6h+3A
Ev9kYpSuo7ntS8irrjcyIPGVWHz25+mEeZrRKrjRO1OEtJHRK/uqo0LtjgSSSvsM
MuiI0G+VlUTPyZTOe8Ng9zi5BjdoOjVTzYxKaH2txCwdUmD+WWLojaP7tlLyMmr3
K6+/2j/Y91CovHx03CG2o8lJA+AZS608RXlsmOZDJUx7gTiyBOoyKZY2RCU0HArH
PVXJ2fsmgJ/OgJv8cFYG4xoBOfrV2x6p80CWzeZaMeQGyTHbuqHu0boopejn8ZYr
n1ddfmvWa/ew7ijtZljAHojoxnn/dBiRj6Qn9/qbdrwfI3V39YR/1jvtx469Yg==
-----END CERTIFICATE-----
Generated at Mon Jun 16 06:18:38 2025 by rpki-client